Solved

Cisco VPN static-to-dynamic

Posted on 2013-01-17
7
418 Views
Last Modified: 2013-04-26
Hi,
On my PIX v.8 I have already site to site vpns configured, and I have too remote access vpn configured, what I need to configure now is another vpn with a remote site with dynamic ip.
The remote site has Cisco 877 Router, on it, I already configured the crypto stuff and access list, but I don't know how to configure this new vpn on the PIX adding it to the others already configured.
Any help will be appreciated.
0
Comment
Question by:arefone
7 Comments
 
LVL 94

Expert Comment

by:John Hurst
ID: 38787036
Site to site normally requires static IP addressing. There are two approaches:

1. Use DynDNS to provide a static address even though your remote site changes.  

http://dyn.com/dns/

2. If the remote IP address changes infrequently (not more frequently that once a year) then just use the address and change when needed. I use this approach for my home office site to site tunnels.

.... Thinkpads_User
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 500 total points
ID: 38787090
0
 
LVL 1

Author Comment

by:arefone
ID: 38787148
I tried already that doc, it did not work, when I try to issue the command "tunnel-group DefaultL2LGroup general-attributes
   authentication-server-group none" on the pix, it tells that no "authentication-server-group none" option available.
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 18

Expert Comment

by:fgasimzade
ID: 38787159
Just dont use this option. The configuration described there is 100% working
0
 
LVL 1

Author Comment

by:arefone
ID: 38787200
Sorry Fgasimzade, can you post me the configs I need to implement on my pix without having all the stuff I don't need so it helps better?
0
 
LVL 1

Expert Comment

by:Xvidalx
ID: 38788596
yessss.. configs and logs... will help
0
 
LVL 1

Author Closing Comment

by:arefone
ID: 39115112
with "tunnel-group DefaultL2LGroup ipsec-attributes" command on PIX it worked.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question